Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Scientific Linux SL7: SLSA-2019-2112-1 Moderate: mod_auth_openidc Issues

Calendar Aug 26, 2019 User Avatar LinuxSecurity Advisories
1 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory authentication issue Scientific Linux mod_auth_openidc error pages oauth20
mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an "AuthType oauth20" configuration (CVE-2017-6413) * mod_auth_openidc: Shows user-supplied content on error pages (CVE-2017-6059) SL7 x86_64 mod_auth_openidc-1.8.8-5.el7.x86_64.rpm mod_auth_openidc-debuginfo-1.8.8-5.el7.x86_64.rpm - Scientific Linux Development Team 
Synopsis: Moderate: mod_auth_openidc security update
Advisory ID:       SLSA-2019:2112-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2017-6413
                   CVE-2017-6059
--

Security Fix(es):

* mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an
"AuthType oauth20" configuration (CVE-2017-6413)

* mod_auth_openidc: Shows user-supplied content on error pages
(CVE-2017-6059)
--

SL7
  x86_64
    mod_auth_openidc-1.8.8-5.el7.x86_64.rpm
    mod_auth_openidc-debuginfo-1.8.8-5.el7.x86_64.rpm

- Scientific Linux Development Team

Related News

Your message here